GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,586 advisories
Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication...
High | Unreviewed | CVE-2014-2955 was published | May 17, 2022

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa...
High | Unreviewed | CVE-2014-0782 was published | May 17, 2022

Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have...
High | Unreviewed | CVE-2014-2940 was published | May 17, 2022

Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200,...
High | Unreviewed | CVE-2013-7180 was published | May 17, 2022

The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2...
High | Unreviewed | CVE-2014-2357 was published | May 17, 2022

SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute...
High | Unreviewed | CVE-2012-5685 was published | May 17, 2022

The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection...
High | Unreviewed | CVE-2014-2936 was published | May 17, 2022

SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0,...
High | Unreviewed | CVE-2014-4852 was published | May 17, 2022

SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2014-4850 was published | May 17, 2022

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices...
High | Unreviewed | CVE-2014-3815 was published | May 17, 2022

Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute...
High | Unreviewed | CVE-2014-5104 was published | May 17, 2022

Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote...
High | Unreviewed | CVE-2014-2363 was published | May 17, 2022

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and...
High | Unreviewed | CVE-2014-2405 was published | May 17, 2022

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow...
High | Unreviewed | CVE-2014-0524 was published | May 17, 2022

D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02...
High | Unreviewed | CVE-2013-4772 was published | May 17, 2022

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and...
High | Unreviewed | CVE-2014-0462 was published | May 17, 2022

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators...
High | Unreviewed | CVE-2013-1668 was published | May 17, 2022

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management...
High | Unreviewed | CVE-2014-2881 was published | May 17, 2022

Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin
High | CVE-2022-30945 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) | May 18, 2022

NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of...
High | Unreviewed | CVE-2014-2969 was published | May 17, 2022

logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103)...
High | Unreviewed | CVE-2014-2959 was published | May 17, 2022

Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code...
High | Unreviewed | CVE-2014-2967 was published | May 17, 2022

Cross-site Scripting in Jenkins Rundeck Plugin
High | CVE-2022-30956 was published for org.jenkins-ci.plugins:rundeck (Maven) | May 18, 2022

Cross Site Request Forgery in Jenkins Storable Configs Plugin
High | CVE-2022-30972 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) | May 18, 2022

IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or...
High | Unreviewed | CVE-2019-4338 was published | May 24, 2022
ProTip! Advisories are also available from the GraphQL API.